Botnets, Spam and Cyberwarfare

Posted by Keith McMillan

February 28, 2008

Six botnets are responsible for generating 85% of all spam emails, according to an article at Dark Reading today. I’ve known for a while that botnets are a serious threat, including in their arsenal of naughty tricks spam, vulnerability scanning, infecting other computers, stealing information from their host computers (you don’t keep your credit card numbers in Quicken, do you?) and distributed denial of service attacks. It was a shock to find that so few botnets send all that spam that clutters up inboxes.

Researchers with Marshal’s TRACE team have identified six botnets that together are currently responsible for distributing 85 percent of all spam, Dark Reading has learned.

This article came at an opportune time. I’ve been thinking lately that in addition to all these current problems, which involve fairly visible (and traceable) activities, botnets could be very useful in cyberwarfare. I’m thinking here of the true cyberwarfare, where a foreign power decides to take out the information infrastructure of a rival country or group.

Such a militarily-oriented botnet would not need to draw attention to itself by sending out spam messages or participating in a DDoS attack, at least not until it was directed to spring into action. It would need minimal direction, and so, much like a mole in an espionage novel, such a botnet could exist for years, dormant, waiting only for the command to attack the military, government or civilian IT infrastructure of the rival country.

Alternatively, you wouldn’t even really need to attack anyone. Can you imagine the economic damage to the US if every computer infected by a large botnet (these can number in the millions of computers) was suddenly directed to reformat its hard drive?

